The CISA NCCIC-ICS published six control system security advisories
for products from OSIsoft, Siemens (4), and GE/Emerson. They also updated 10
previously published advisories for products from Siemens.
OSIsoft Advisory
This advisory
describes four vulnerabilities in the OSIsoft PI Vision visualization tool. The
vulnerabilities are self-reported. OSIsoft has a new version that mitigates the
vulnerabilities.
The four reported vulnerabilities are:
• Improper access control - CVE-2019-18275;
• Cross-site request forgery - CVE-2019-18271;
• Cross-site scripting - CVE-2019-18273; and
• Inclusion of sensitive information in log files - CVE-2019-18244
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to allow disclosure of sensitive information and
limit the availability of the system.
TIA Portal Advisory
This advisory
describes a path traversal vulnerability in the Siemens TIA Portal. The vulnerability
was reported by William Knowles from Applied Risk. Siemens has an update that
mitigates the vulnerability.
There is no indication that Knowles has been provided an
opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker with
local access could exploit the vulnerability to execute arbitrary code with
SYSTEM privileges.
SINAMICS Advisory
This advisory
describes a protection mechanism failure vulnerability in the Siemens SINAMICS
PERFECT HARMONY GH180 voltage converter. The vulnerability is self-reported.
Siemens has configuration changes available that mitigate the vulnerability.
NCCIC-ICS reports that a relatively low-skilled, unauthorized attacker
with physical access to the device could exploit this vulnerability to restart
the HMI with disabled security controls, which could be used to launch further
attacks against the affected device.
SCALANCE X Advisory
This advisory
describes a missing authentication for critical function vulnerability in the
Siemens SCALANCE X Switches. The vulnerability was reported by Maxim Rupp. Siemens
has new versions that mitigate the vulnerability. There is no indication that
Maxim has been provided an opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled, unauthenticated attacker
could remotely exploit this vulnerability to violate access-control rules.
SINEMA Advisory
This advisory
describes an incorrect privilege assignment vulnerability in the Siemens SINEMA
Server network management software. The vulnerability was reported by Antonin
Rahon from Agilicom. Siemens has an update that mitigates the vulnerability.
There is no indication that Rahon has been provided an opportunity to verify
the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker with
authorized but low-privilege access could remotely exploit the vulnerability to
perform firmware updates and other administrative operations on connected
devices.
GE Advisory
This advisory
describes an improper input validation vulnerability in the GE/Emerson PACSystems
RX3i. The vulnerability was reported by Yeop Chang. Emerson has new versions
that mitigate the vulnerability. There is no indication that Chang has been
provided an opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to cause the system to change to
halt-mode, resulting in a denial-of-service condition.
SCALANCE Update #1
This update
provides additional information for an advisory that was originally
published on June 12th, 2018. The new information includes
updated version data and mitigation links for SCALANCE X-300/X408.
SCALANCE Update #2
This update
provides additional information for an advisory that was originally published
on June 18th, 2018 and most recently
updated on June 12th, 2019. The new information includes updated
version data and mitigation links for:
• SCALANCE X-300 switch family (incl. SIPLUS NET variants); and
• SCALANCE X408
SCALANCE Update #3
This update
provides additional information for an advisory that was originally
published on March 26th, 2019 and most
recently updated on June 11th, 2019. The new information
includes updated version data and mitigation links for SCALANCE X-300/X408.
SIMATIC Update #1
This update
provides additional information for an advisory that was originally published
on March 9th, 2019 and most
recently updated on October 8th, 2019. The new information includes
updated version data and mitigation links for:
• WinCC Runtime Advanced,
• SITOP Manager,
• SITOP UPS1600, and
• SIMATIC HMI Panels
Industrial Products Update
This update
provides additional information for an advisory that was originally published
on April 9th, 2019 and most
recently updated on July 9th, 2019. The new information includes
revised affected version data and mitigation links for:
• SIMATIC Panels; and
• SIMATIC WinCC Runtime Advanced
SCALANCE Update #4
This update
provides additional information for an advisory that was originally
published on June 11th, 2019. The new information includes
updated version data and mitigation links for SCALANCE X-300/X408.
SIMATIC Update #2
This update
provides additional information for an advisory that was originally
published on October 8th, 2019. The new information includes
updated affected version data and mitigation links for SIMATIC WinAC RTX (F)
2010.
PROFINET Update
This update
provides additional information for an advisory that was originally
published on October 10th, 2019 and most
recently updated on November 14th, 2019. The new information
includes updated affected version data and mitigation links for:
• SIMATIC S7-1200; and
• S7-1500 Software and Open Controller
IRT Devices Update
This update
provides additional information for an advisory that was originally
published on October 10th, 2019. The new information includes updated
affected version data and mitigation links for SINAMICS SL150 V4.7.
EN100 Update
This update
provides additional information for an advisory that was originally
published on December 10th, 2019. The new information adds
SWT3000 to the affected product list.
Other Advisories
Siemens also published
one other advisory and four other updates yesterday that were not included in
the NCCIC-ICS release. One of those updates has never been covered by NCCIC-ICS,
but the others may be addressed tomorrow.
Schneider also published
one new advisory and two updates yesterday. They may be covered by NCCIC-ICS.